package cn.ecut.tbjie.controller;

import cn.ecut.tbjie.annotation.NoToken;
import cn.ecut.tbjie.model.People;
import cn.ecut.tbjie.service.LoginService;
import cn.ecut.tbjie.service.PeopleService;
import cn.ecut.tbjie.utils.JSONResult;
import com.fasterxml.jackson.annotation.JsonIgnore;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore;

import javax.servlet.http.HttpSession;

@RestController
@Api(tags = "用户登录接口")
@RequestMapping("/Login")
@Slf4j
public class LoginController {

    @Autowired
    PeopleService peopleService;

    @Autowired
    LoginService service;


    @NoToken
    @PostMapping("/getrs")
    @ApiOperation(value = "用户登录1 请求随机位插入数组与盐")
    @ApiImplicitParam(name = "peopleName", value = "用户名", required = true, type = "String")
    public JSONResult getRS(@RequestParam("peopleName") String peopleName , @ApiIgnore HttpSession session){
        log.info("peopleName = {}", peopleName);
        People people = peopleService.getByName(peopleName);
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("oldRandomKey",people.getPeopleCoreNum());
        jsonObject.put("oldKeySalt",peopleService.getSaltByPeople(people));
        people = peopleService.updatePeopleSaltAndRandom(people);
        session.setAttribute("newPeople",people);
        jsonObject.put("newRandomKey",people.getPeopleCoreNum());
        jsonObject.put("newKeySalt",peopleService.getSaltByPeople(people));
        jsonObject.put("peopleId",people.getPeopleId());
        return new JSONResult(200,true,"已返回新旧randomKey",jsonObject.toString());
    }

    @NoToken
    @PostMapping("/checkpsw")
    @ApiOperation(value = "用户登录2 请求验证密码")
    @ApiImplicitParams ({
        @ApiImplicitParam(name = "peopleId", value = "用户Id", required = true, type = "number"),
        @ApiImplicitParam(name = "oldPasswordMD5", value = "旧密码的密文", required = true, type = "String"),
        @ApiImplicitParam(name = "newPasswordMD5", value = "新密码的密文", required = true, type = "String"),
    })
    public JSONResult checkPsw(@RequestParam("peopleId") int peopleId, @RequestParam("oldPasswordMD5") String oldPasswordMD5, @RequestParam("newPasswordMD5") String newPasswordMD5, @ApiIgnore HttpSession session){
        log.info("peopleId = {}, oldPasswordMD5 = {}, newPasswordMD5 = {}",peopleId,oldPasswordMD5,newPasswordMD5);
        boolean verOldPsw =  service.verifyPassword(oldPasswordMD5,peopleId);
        if (verOldPsw) {
            peopleService.updatePeoplePswById(peopleId,newPasswordMD5);
            People people = (People)session.getAttribute("newPeople");
            peopleService.updateSaltAndRandom(people);
            return JSONResult.ok("用户已完成登录验证");
        } else {
            session.removeAttribute("people");
            return JSONResult.build(501,false,"密码验证错误",null);
        }
    }
}
